This article describes the results of a recent hackathon, where the team built a machine learning system that tries to classify API requests as regular and malicious. Interestingly they opted for a NLP based approach and the resulting model seems quite efficient, but the lessons learned are interesting as well.